package com.fh.zs.filter;

import com.netflix.zuul.ZuulFilter;
import com.netflix.zuul.context.RequestContext;
import com.netflix.zuul.exception.ZuulException;
import org.apache.http.HttpStatus;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Component;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.*;

/**
 * @FileName : IllegalCharFilter
 * @Description : bu允许含有任何非法字符参数的访问
 * @Author : fh
 * @Date : 2020/11/20 11:11
 * @Version : 1.0.0
 */
@Component
public class IllegalCharFilter extends ZuulFilter {

    /**
     * 获取配置文件的属性值
     */
    @Value("${illegalChar}")
    private String illegalChar;

    @Override
    public String filterType() {
        return "pre";
    }

    @Override
    public int filterOrder() {
        return 5;
    }

    @Override
    public boolean shouldFilter() {
        return true;
    }

    @Override
    public Object run() throws ZuulException {
        System.out.println("进入非法字符过滤器...");
        //使用zuul中RequestContext提供获取上下文对象方法获取上下文对象
        RequestContext currentContext = RequestContext.getCurrentContext();
        //获取HttpServletRequest
        HttpServletRequest request = currentContext.getRequest();
        //获取HttpServletResponse
        HttpServletResponse response = currentContext.getResponse();
        //获取所有请求的参数名称集合
        //http://192.168.31.209:9999/api/os/order/selectOne?id=1&a=1&b=2&c=3$cc=4
        //getParameterNames = [id,a,b,c,cc...]
        Map<String, String[]> parameterMap = request.getParameterMap();
        Iterator<String> it = parameterMap.keySet().iterator();
        while (it.hasNext()) {
            String key = it.next();
            ArrayList<String> parameterValues = new ArrayList<>();
            String[] values = parameterMap.get(key);
            for (String value : values) {
                parameterValues.add(value.toLowerCase());
            }
            System.out.println(parameterValues);
            //获取非法字符，并转换为数组
            String[] illegalCharArray = illegalChar.split(",");
            for (String ic : illegalCharArray) {
                if (parameterValues.contains(ic)) {
                    currentContext.setSendZuulResponse(false);
                    //防止响应中断
                    response.setCharacterEncoding("utf-8");
                    try {
                        response.sendError(HttpStatus.SC_FORBIDDEN, "小盆友，不可以骂人哟！！！");
                    } catch (IOException e) {
                        e.printStackTrace();
                    }
                    return null;
                }
            }
        }
//        Enumeration<String> parameterNames = request.getParameterNames();
//        //获取非法字符，并转换为数组
//        String[] illegalCharArray = illegalChar.split(",");
//        //循环
//        while (parameterNames.hasMoreElements()){
//            //parameterName 第一次id 第二次a b...
//            String parameterName = parameterNames.nextElement();
//            //parameterValue 第一次1 第二次1 2...
//            String parameterValue = request.getParameter(parameterName);
//            for (String ic : illegalCharArray) {
//                if(parameterValue.toLowerCase().contains(ic)){
//                    currentContext.setSendZuulResponse(false);
//                    //防止响应中断
//                    response.setCharacterEncoding("utf-8");
//                    try {
//                        response.sendError(HttpStatus.SC_FORBIDDEN, "小盆友，不可以骂人哟！！！");
//                    } catch (IOException e) {
//                        e.printStackTrace();
//                    }
//                    return null;
//                }
//            }
//        }
        return null;
    }
}
